package com.smart.home.interceptor;

import com.smart.home.constant.UsersConstant;
import com.smart.home.context.UserContext;
import com.smart.home.properties.JwtProperties;
import com.smart.home.utils.DeviceFingerprintUtil;
import com.smart.home.utils.JwtUtil;
import io.jsonwebtoken.Claims;

import org.springframework.web.servlet.HandlerInterceptor;

import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;


import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/**
 * jwt令牌校验的拦截器
 */
@Component
@Slf4j
public class JwtTokenAdminInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtProperties jwtProperties;

    @Autowired
    private RedisTemplate redisTemplate;
    /**
     * * 校验jwt
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */

    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            //当前拦截到的不是动态方法，直接放行
            return true;
        }

        //1、从请求头中获取令牌
        String token = request.getHeader(jwtProperties.getAdminTokenName());

        //2、校验令牌
        try {
            log.info("jwt校验:{}", token);
            Claims claims = JwtUtil.parseJWT(jwtProperties.getAdminSecretKey(), token);
            Long empId = Long.valueOf(claims.get("id",Long.class).toString());
            log.info("当前员工id：{}", empId);
            //在这里我们将当前登录用户的id保存到ThreadLocal中，方便后续使用
            UserContext.setUserId(empId);

            //token 黑名单不能进入
            String blackToken = UsersConstant.USER_TOKEN_BLACKLIST + UserContext.getUserId() + ":" + DeviceFingerprintUtil.getFingerprint(request);
            String object =(String) redisTemplate.opsForValue().get(blackToken);

            if(object == null){
                return true;
            }

            if(object.equals(token)){
                log.info("token处于黑名单中，这个token有问题");
                throw new RuntimeException(UsersConstant.TOKEN_IS_BLACKLIST);
            }

            //3、通过，放行
            return true;

        } catch (Exception ex) {
            //4、不通过，响应401状态码
            response.setStatus(401);
            return false;
        }



    }
}
